Tenable Network Security Podcast - Episode 57 - Dennis Brown
Welcome to the Tenable Network Security Podcast - Episode 57
Hosts: Paul Asadoorian, Product Evangelist
Announcements
Interview with Dennis Brown
"Dennis Brown is a research engineer for Tenable Network Security. He specializes in malware analysis with a penchant for botnet research. Dennis has spoken previously at Defcon 18, Toorcon 10 and 11 and on the PaulDotCom security podcast. He also organizes the DC401 hacker group in Rhode Island and the QuahogCon security conference."
Dennis recently gave a presentation titled "Resilient Botnet Command and Control with Tor" at HiTB Malaysia and Toorcon 13. Dennis and I discussed the following topics:
- I was working for a University when Tor first became popular. This presented many challenges; students were using it to evade detection by the RIAA/MPAA, attackers were using it to launch attacks against us, and I even encountered a few Tor exit nodes in my time. How has the Tor network evolved over time?
- Which botnets have been observed in the wild using Tor?
- What is a private Tor network? How do you build a private Tor network? Is it easy?
- How does using Tor affect speed? Does this impact the botnet, and how so?
- What is an HTTP hidden service? Tor3web proxy? How does this all work to mask the botnet's command and control channel?
- I always thought that encryption would be the end of the good guys' fight against malware, but has that largely turned out not to be true or has it?
- It seems that masking the command and control channel produces the highest rate of success for a botnet. How does Tor help the bad guys accomplish this?
- How can we detect botnets using Tor?
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Podcast